src/java.rmi/share/classes/com/sun/rmi/rmid/ExecOptionPermission.java
author jlaskey
Thu, 14 Nov 2019 12:39:49 -0400
branchJDK-8193209-branch
changeset 59086 214afc7a1e02
parent 52902 e3398b2e1ab0
permissions -rw-r--r--
[mq]: refresh

/*
 * Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */

package com.sun.rmi.rmid;

import java.security.*;
import java.io.*;
import java.util.*;

/**
 * The ExecOptionPermission class represents permission for rmid to use
 * a specific command-line option when launching an activation group.
 *
 * @author Ann Wollrath
 *
 * @serial exclude
 */
public final class ExecOptionPermission extends Permission
{
    /**
     * does this permission have a wildcard at the end?
     */
    private transient boolean wildcard;

    /**
     * the name without the wildcard on the end
     */
    private transient String name;

    /**
     * UID for serialization
     */
    private static final long serialVersionUID = 5842294756823092756L;

    public ExecOptionPermission(String name) {
        super(name);
        init(name);
    }

    public ExecOptionPermission(String name, String actions) {
        this(name);
    }

    /**
     * Checks if the specified permission is "implied" by
     * this object.
     * <P>
     * More specifically, this method returns true if:
     * <ul>
     * <li> <i>p</i>'s class is the same as this object's class, and
     * <li> <i>p</i>'s name equals or (in the case of wildcards)
     *      is implied by this object's
     *      name. For example, "a.b.*" implies "a.b.c", and
     *      "a.b=*" implies "a.b=c"
     * </ul>
     *
     * @param p the permission to check against.
     *
     * @return true if the passed permission is equal to or
     * implied by this permission, false otherwise.
     */
    public boolean implies(Permission p) {
        if (!(p instanceof ExecOptionPermission))
            return false;

        ExecOptionPermission that = (ExecOptionPermission) p;

        if (this.wildcard) {
            if (that.wildcard) {
                // one wildcard can imply another
                return that.name.startsWith(name);
            } else {
                // make sure p.name is longer so a.b.* doesn't imply a.b
                return (that.name.length() > this.name.length()) &&
                    that.name.startsWith(this.name);
            }
        } else {
            if (that.wildcard) {
                // a non-wildcard can't imply a wildcard
                return false;
            } else {
                return this.name.equals(that.name);
            }
        }
    }

    /**
     * Checks two ExecOptionPermission objects for equality.
     * Checks that <i>obj</i>'s class is the same as this object's class
     * and has the same name as this object.
     *
     * @param obj the object we are testing for equality with this object.
     * @return true if <i>obj</i> is an ExecOptionPermission, and has the same
     * name as this ExecOptionPermission object, false otherwise.
     */
    public boolean equals(Object obj) {
        if (obj == this)
            return true;

        if ((obj == null) || (obj.getClass() != getClass()))
            return false;

        ExecOptionPermission that = (ExecOptionPermission) obj;

        return this.getName().equals(that.getName());
    }


    /**
     * Returns the hash code value for this object.
     * The hash code used is the hash code of the name, that is,
     * <code>getName().hashCode()</code>, where <code>getName</code> is
     * from the Permission superclass.
     *
     * @return a hash code value for this object.
     */
    public int hashCode() {
        return this.getName().hashCode();
    }

    /**
     * Returns the canonical string representation of the actions.
     *
     * @return the canonical string representation of the actions.
     */
    public String getActions() {
        return "";
    }

    /**
     * Returns a new PermissionCollection object for storing
     * ExecOptionPermission objects.
     * <p>
     * An ExecOptionPermissionCollection stores a collection of
     * ExecOptionPermission permissions.
     *
     * <p>ExecOptionPermission objects must be stored in a manner that allows
     * them to be inserted in any order, but that also enables the
     * PermissionCollection <code>implies</code> method
     * to be implemented in an efficient (and consistent) manner.
     *
     * @return a new PermissionCollection object suitable for
     * storing ExecOptionPermissions.
     */
    public PermissionCollection newPermissionCollection() {
        return new ExecOptionPermissionCollection();
    }

    /**
     * readObject is called to restore the state of the ExecOptionPermission
     * from a stream.
     */
    private synchronized void readObject(java.io.ObjectInputStream s)
         throws IOException, ClassNotFoundException
    {
        s.defaultReadObject();
        // init is called to initialize the rest of the values.
        init(getName());
    }

    /**
     * Initialize a ExecOptionPermission object. Common to all constructors.
     * Also called during de-serialization.
     */
    private void init(String name)
    {
        if (name == null)
            throw new NullPointerException("name can't be null");

        if (name.isEmpty()) {
            throw new IllegalArgumentException("name can't be empty");
        }

        if (name.endsWith(".*") || name.endsWith("=*") || name.equals("*")) {
            wildcard = true;
            if (name.length() == 1) {
                this.name = "";
            } else {
                this.name = name.substring(0, name.length()-1);
            }
        } else {
            this.name = name;
        }
    }

    /**
     * A ExecOptionPermissionCollection stores a collection
     * of ExecOptionPermission permissions. ExecOptionPermission objects
     * must be stored in a manner that allows them to be inserted in any
     * order, but enable the implies function to evaluate the implies
     * method in an efficient (and consistent) manner.
     *
     * A ExecOptionPermissionCollection handles comparing a permission like
     * "a.b.c.d.e" * with a Permission such as "a.b.*", or "*".
     *
     * @serial include
     */
    private static class ExecOptionPermissionCollection
        extends PermissionCollection
        implements java.io.Serializable
    {

        private Hashtable<String, Permission> permissions;
        private boolean all_allowed; // true if "*" is in the collection
        private static final long serialVersionUID = -1242475729790124375L;

        /**
         * Create an empty ExecOptionPermissionCollection.
         */
        public ExecOptionPermissionCollection() {
            permissions = new Hashtable<>(11);
            all_allowed = false;
        }

        /**
         * Adds a permission to the collection. The key for the hash is
         * permission.name.
         *
         * @param permission the Permission object to add.
         *
         * @exception IllegalArgumentException - if the permission is not a
         *                                       ExecOptionPermission
         *
         * @exception SecurityException - if this ExecOptionPermissionCollection
         *                                object has been marked readonly
         */

        public void add(Permission permission)
        {
            if (! (permission instanceof ExecOptionPermission))
                throw new IllegalArgumentException("invalid permission: "+
                                                   permission);
            if (isReadOnly())
                throw new SecurityException("attempt to add a Permission to a readonly PermissionCollection");

            ExecOptionPermission p = (ExecOptionPermission) permission;

            permissions.put(p.getName(), permission);
            if (!all_allowed) {
                if (p.getName().equals("*"))
                    all_allowed = true;
            }
        }

        /**
         * Check and see if this set of permissions implies the permissions
         * expressed in "permission".
         *
         * @param p the Permission object to compare
         *
         * @return true if "permission" is a proper subset of a permission in
         * the set, false if not.
         */
        public boolean implies(Permission permission)
        {
            if (! (permission instanceof ExecOptionPermission))
                return false;

            ExecOptionPermission p = (ExecOptionPermission) permission;

            // short circuit if the "*" Permission was added
            if (all_allowed)
                return true;

            // strategy:
            // Check for full match first. Then work our way up the
            // name looking for matches on a.b.*

            String pname = p.getName();

            Permission x = permissions.get(pname);

            if (x != null)
                // we have a direct hit!
                return x.implies(permission);


            // work our way up the tree...
            int last, offset;

            offset = pname.length() - 1;

            while ((last = pname.lastIndexOf('.', offset)) != -1) {

                pname = pname.substring(0, last+1) + "*";
                x = permissions.get(pname);

                if (x != null) {
                    return x.implies(permission);
                }
                offset = last - 1;
            }

            // check for "=*" wildcard match
            pname = p.getName();
            offset = pname.length() - 1;

            while ((last = pname.lastIndexOf('=', offset)) != -1) {

                pname = pname.substring(0, last+1) + "*";
                x = permissions.get(pname);

                if (x != null) {
                    return x.implies(permission);
                }
                offset = last - 1;
            }

            // we don't have to check for "*" as it was already checked
            // at the top (all_allowed), so we just return false
            return false;
        }

        /**
         * Returns an enumeration of all the ExecOptionPermission objects in the
         * container.
         *
         * @return an enumeration of all the ExecOptionPermission objects.
         */

        public Enumeration<Permission> elements()
        {
            return permissions.elements();
        }
    }
}